NEWS

Apple Ordered By A Judge To Bypass Encryption

The ante just has been raised in the high-stakes privacy versus national security game. Confirming the opinion by the government that Apple can’t override its own encryption simply because it designed it that way, a federal magistrate, in a first-ever ruling, ordered Apple to hack into the work phone of one of the San Bernardino shooters. Though very much front page news on Wednesday, already it has drifted a bit from the public eye. But no mistake, this could be the tip of an extremely ugly iceberg.

The ruling by federal magistrate Sheryl Pym, which would compel Apple to comply in five days with FBI efforts to garner information, has sent shockwaves through the communications industry, and prompted a scathing response by Tim Cook, who knows only too well that his company’s future depends on its ability to protect customer data,

“In the wrong hands, this software, which does not exist today, would have the potential to unlock any iPhone in someone’s physical possession. The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a back door. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.”

The implications of Judge Pym’s decree has far-reaching consequences and could set a dangerous precedent even though the federal magistrate and the FBI claim that it is a narrow ruling related only to the San Bernardino case. Apple’s CEO who warned that the determination “has implications far beyond the legal case at hand.” Indeed, the Obama administration seemed sanguine over the pronouncement belying its previous benign posture of being in favour of strong encryption while at the same time angling for ways to weaken it behind the scenes.

The judge’s ruling comes at a time when strong encryption has come under assault from a variety of directions, but none more potentially damaging than the fire being directed by an important member of the Senate Intelligence Committee. Senator Tom Cotton (R-Ark) doubled-down on the charge that that Apple is using its impotence as an excuse,

“As a society, we don’t allow phone companies to design their systems to avoid lawful, court-ordered searches.” He is implying that Apple deliberately thumbs its nose at law enforcement by purposely creating the inability to crack its own encryption. If we apply a different legal standard to companies like Apple, Google and Facebook, we can expect them to become the preferred messaging services of child pornographers, drug traffickers, and terrorists alike – which neither these companies nor law enforcement want.”

The fact that this comes from the mouth of a key member of the party in control of Congress is especially troubling for Apple and privacy advocates. What also bears mentioning here is that Senators from both sides of the aisle, led by Intelligence chairman Richard Burr (R-NC) and Vice-chair, Diane Feinstein (D-CA) are on record as requiring tech companies to provide a backdoor into encrypted data if law enforcement provides warrants.

The iPhone in question is a 5C, which doesn’t have Apple’s most important security feature, the Secure Enclave, a separate computer within the computer. This is good news in one respect for the government in that it is possible, with a few steps, to unlock the secrets of the phone. Had the phone been a later generation device, even Apple couldn’t get into it. But Apple has the ability in this model to disable the security feature – something to which they are vehemently opposed. This phone, however, does limit the passcode tries to ten times before rendering it impossible to open. That’s why the FBI wants Apple to disable the security feature. Once the security is crippled, agents would be able to guess as many combinations as possible.

A major worry is that if Apple were to cave to the ruling, the FBI could use the entry code as a type of passkey with which to gain entry to other devices and systems. And, last but not least, if the US government is successful in this ploy, what’s to prevent other countries, like Russia or China, from demanding the same from Apple if they wish to operate there? He stakes are enormous, despite it being a decree by a rather low-level member of the judiciary. This bears watching in the coming days and weeks.